<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

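<?php
// Authenticate before emitting any layout markup. The DOCTYPE above this block
// is already sent as output, so the Location header only takes effect when
// output buffering is enabled; the exit below stops the request either way.
session_start();
if (!isset($_SESSION['username'])) {
	header("location:login.php");
	// Without this exit the script keeps running after the redirect header,
	// so the form and the POST handler further down would still execute for
	// a visitor who has no session.
	exit;
}

// layout.html is split on the '&&&' marker: part 0 is echoed here, part 1 at
// the bottom of the page.
$layout = explode('&&&', file_get_contents('layout.html'));
echo $layout[0];
?>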

<html>
<body>

<!-- Begin Main Column -->

<div id="mainContent">

	<h2>Organization Information</h2>
	 <p></p>
    Note: Required fields are denoted with an asterisk (*).
	<!--
	  Organization entry form. It posts back to this same page (empty action),
	  where the PHP block below the form reads every field from $_POST.
	  No hidden anti-CSRF token field is part of this form.
	  The size/maxlength attributes on zipcode, contact_phone and contact_fax are
	  applied by the browser only; a crafted request can send any length, so the
	  server side must not rely on them.
	-->
	<form id="form1" method="post" action="">
	  <table width="433" height="262" border="0">
        <tr>
          <td width="189">* Organization Name:</td>
          <td width="234"><label>
            <input type="text" name="organization_name" id="organization_name" />
          </label></td>
        </tr>
        <tr>
          <td>Community Partner:</td>
          <td>
              <!-- Neither radio is pre-selected, so community_partner can be absent from the POST body. -->
              <input type="radio" name="community_partner" value="Yes" id="community_partner_yes" />
              Yes
              <input type="radio" name="community_partner" value="No" id="community_partner_no" />
              No
            </td>
        </tr>
        <tr>
          <td>Address:</td>
          <td><label>
            <input type="text" name="address" id="address" />
          </label></td>
        </tr>
        <tr>
          <td>City:</td>
          <td><label>
            <input type="text" name="city" id="city" />
          </label></td>
        </tr>
        <tr>
          <td>Zip Code:</td>
          <td><label>
            <input name="zipcode" type="text" id="zipcode" size="5" maxlength="5" />
          </label></td>
        </tr>
        <tr>
          <td>County:</td>
          <td><label>
            <input type="text" name="county" id="county" />
          </label></td>
        </tr>
        <tr>
          <td>Website:</td>
          <td><label>
            <input type="text" name="website" id="website" />
          </label></td>
        </tr>
        <tr>
          <td>Contact First Name:</td>
          <td><label>
            <input type="text" name="contact_first_name" id="contact_first_name" />
          </label></td>
        </tr>
        <tr>
          <td>Contact Last Name:</td>
          <td><label>
            <input type="text" name="contact_last_name" id="contact_last_name" />
          </label></td>
        </tr>
        <tr>
          <td>Contact Title:</td>
          <td><label>
            <input type="text" name="contact_title" id="contact_title" />
          </label></td>
        </tr>
        <tr>
          <td>Contact Email:</td>
          <td><label>
            <input type="text" name="contact_email" id="contact_email" />
          </label></td>
        </tr>
        <tr>
          <td>Contact Phone:</td>
          <td><label>
            <input name="contact_phone" type="text" id="contact_phone" size="10" maxlength="10" />
          </label></td>
        </tr>
        <tr>
          <td>Contact Fax:</td>
          <td><label>
            <input name="contact_fax" type="text" id="contact_fax" size="10"  maxlength="10" />
          </label></td>
        </tr>
      </table>
      <p>
        <label>
        <input type="submit" name="submit" id="submit" value="Submit" class = "button" />
        </label>
      </p>
	</form>
    <p>
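	 <?php
			/*
			 * Post-back handler for the organization form above.
			 *
			 * Reads the submitted fields from $_POST, checks whether an organization
			 * with the same name already exists, and inserts a new row when it does not.
			 *
			 * NOTE(review): no anti-CSRF token is checked here and the form in this
			 * file does not send one; add a per-session token to both sides.
			 * NOTE(review): the mysql_* extension used here was removed in PHP 7.0;
			 * move to mysqli or PDO prepared statements when the runtime is upgraded.
			 */

			// Only process the post-back for a logged-in session. The redirect at the
			// top of the page is not followed by an exit, so this handler must not
			// rely on it to keep unauthenticated requests out.
			if ($_POST && isset($_SESSION['username'])) {
				ob_start();

				// NOTE(review): credentials are hard-coded and the application connects
				// as root with an empty password. Load them from configuration outside
				// the web root and use an account limited to this database.
				$host = "localhost"; // Host name
				$username = "root"; // MySQL username
				$password = ""; // MySQL password
				$db_name = "rtl"; // Database name
				$tbl_name = "organization"; // Table name

				// Connect to the server and select the database.
				mysql_connect($host, $username, $password) or die("cannot connect");
				mysql_select_db($db_name) or die("cannot select DB");

				// POST field name => table column, in INSERT order.
				$columns = array(
					'organization_name'  => 'ORGNAME',
					'community_partner'  => 'COMMUNITYPARTNER',
					'address'            => 'ADDRESS',
					'city'               => 'CITY',
					'zipcode'            => 'ZIPCODE',
					'county'             => 'COUNTY',
					'website'            => 'WEBSITE',
					'contact_first_name' => 'CONTACTFIRSTNAME',
					'contact_last_name'  => 'CONTACTLASTNAME',
					'contact_title'      => 'CONTACTTITLE',
					'contact_email'      => 'CONTACTEMAIL',
					'contact_phone'      => 'CONTACTPHONE',
					'contact_fax'        => 'CONTACTFAX',
				);

				// stripslashes() is not an injection defence; it only undoes
				// magic_quotes_gpc. Applying it unconditionally eats legitimate
				// backslashes, so it now runs only when magic quotes are active.
				$magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

				$raw = array();     // values as submitted, used for comparisons in PHP
				$escaped = array(); // values escaped for use inside SQL string literals
				foreach ($columns as $field => $column) {
					// A field can be missing (no radio selected) or arrive as an array
					// (name[]=...); treat both as an empty string.
					$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
					if ($magic_quotes) {
						$value = stripslashes($value);
					}
					$raw[$field] = $value;
					// The escaping is what keeps the value inside its quoted SQL literal.
					// NOTE(review): no mysql_set_charset() call is visible in this file;
					// confirm the connection charset matches what the escaping assumes.
					$escaped[$field] = mysql_real_escape_string($value);
				}

				if ($raw['organization_name'] !== '') {
					// Duplicate check. The stored name is compared with the unescaped
					// input: comparing against the escaped value never matched names
					// containing quotes or backslashes, which let duplicates through.
					$exists = false;
					$existing = mysql_query("SELECT ORGNAME FROM $tbl_name");
					if ($existing !== false) {
						while ($row = mysql_fetch_assoc($existing)) {
							if ($row['ORGNAME'] === $raw['organization_name']) {
								$exists = true;
								break;
							}
						}
					}

					if ($existing === false) {
						echo "Organization could not be created.";
					} elseif ($exists) {
						echo "An organization with that name already exists.";
					} else {
						$column_list = implode(', ', array_values($columns));
						$value_list = "'" . implode("', '", array_values($escaped)) . "'";
						$inserted = mysql_query("INSERT INTO $tbl_name ($column_list) VALUES ($value_list)");

						// Report success only when the INSERT actually succeeded.
						if ($inserted) {
							echo "Organization Successfuly Created.";
						} else {
							echo "Organization could not be created.";
						}
					}
				} else {
					echo "Organization Name is required.";
				}

				ob_end_flush();
			}
	?>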
	</div>

<!-- Begin Side Column -->
<!-- Begin Footer -->

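<?php
// Emit the second part of layout.html (the text after the '&&&' marker).
// If the marker is missing, explode() yields a single element and index 1
// does not exist, so fall back to an empty string instead of raising a notice.
echo isset($layout[1]) ? $layout[1] : '';
?>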

</body>
</html>